Please check

A place for your HiJackThis logs and logs from other programs…

jaro3
Security team member

Re: Please check

Post by jaro3 » 18 Feb 2018 09:55

Cancel zoek, carry on.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

smana

Re: Please check

Post by smana » 18 Feb 2018 11:58

ComboFix 18-02-16.01 - Martin 18.02.2018 11:00:25.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.2154 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: Kaspersky Endpoint Security 10 for Windows *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Endpoint Security 10 for Windows *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Endpoint Security 10 for Windows *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2018-01-18 do 2018-02-18 )))))))))))))))))))))))))))))))
.
.
2018-02-18 10:16 . 2018-02-18 10:16 46008 ----a-w- c:\windows\system32\drivers\mbam.sys
2018-02-18 10:16 . 2018-02-18 10:16 193968 ----a-w- c:\windows\system32\drivers\MbamChameleon.sys
2018-02-18 10:16 . 2018-02-18 10:16 110016 ----a-w- c:\windows\system32\drivers\farflt.sys
2018-02-18 10:16 . 2018-02-18 10:28 84256 ----a-w- c:\windows\system32\drivers\mwac.sys
2018-02-18 10:16 . 2018-02-18 10:16 253880 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2018-02-18 09:13 . 2018-02-18 09:13 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2018-02-18 09:13 . 2018-02-18 09:13 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2018-02-18 09:13 . 2018-02-18 09:13 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2018-02-18 09:13 . 2018-02-18 09:13 -------- d-----w- c:\users\Martin\AppData\Local\Zemana
2018-02-17 19:03 . 2018-02-17 19:03 -------- d-----w- C:\zoek
2018-02-16 23:50 . 2018-02-16 23:50 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2018-02-16 23:48 . 2018-02-17 09:00 -------- d-----w- c:\programdata\RogueKiller
2018-02-16 19:44 . 2018-02-16 19:44 -------- d-----w- c:\programdata\Sophos
2018-02-16 19:42 . 2018-02-16 19:42 -------- d-----w- c:\program files (x86)\Sophos
2018-02-16 16:52 . 2017-11-29 08:11 77432 ----a-w- c:\windows\system32\drivers\mbae64.sys
2018-02-16 16:51 . 2018-02-16 16:51 -------- d-----w- c:\programdata\Malwarebytes
2018-02-16 16:51 . 2018-02-16 16:51 -------- d-----w- c:\program files\Malwarebytes
2018-02-16 16:42 . 2018-02-16 18:37 -------- d-----w- C:\AdwCleaner
2018-02-16 16:21 . 2011-05-27 09:06 221184 ----a-w- c:\windows\system32\HPToneCtrls64.dll
2018-02-16 16:21 . 2010-04-01 12:11 162304 ----a-w- c:\windows\system32\AESTAC64.dll
2018-02-16 16:21 . 2009-10-09 22:45 442368 ----a-w- c:\windows\system32\AESTEC64.dll
2018-02-16 16:21 . 2009-03-02 23:58 68608 ----a-w- c:\windows\system32\AESTAR64.dll
2018-02-16 16:21 . 2011-05-27 09:06 6382080 ----a-w- c:\windows\system32\IDTNGUI.exe
2018-02-16 16:21 . 2011-05-27 09:06 4933120 ----a-w- c:\windows\system32\IDTNHP.dll
2018-02-16 16:21 . 2011-05-27 09:06 212480 ----a-w- c:\windows\system32\IDTNJ.exe
2018-02-16 16:21 . 2011-05-27 09:06 1029120 ----a-w- c:\windows\system32\IDTNX.dll
2018-02-16 16:21 . 2011-05-27 09:06 4780032 ----a-w- c:\windows\system32\stlang64.dll
2018-02-16 16:21 . 2011-05-27 09:06 1523712 ----a-w- c:\windows\system32\IDTNC64.cpl
2018-02-16 16:21 . 2011-05-27 09:06 1128448 ----a-w- c:\windows\sttray64.exe
2018-02-16 16:21 . 2009-03-02 23:47 90624 ----a-w- c:\windows\system32\AESTCo64.dll
2018-02-16 14:56 . 2018-02-16 17:32 -------- d-----w- c:\windows\AutoKMS
2018-02-16 09:29 . 2018-02-16 09:31 -------- d-----w- c:\program files (x86)\SpeedFan
2018-02-15 15:17 . 2018-02-10 07:26 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2018-02-15 15:03 . 2018-01-21 23:40 654336 ----a-w- c:\windows\system32\aeinv.dll
2018-02-15 15:03 . 2018-01-19 14:05 749568 ----a-w- c:\windows\system32\generaltel.dll
2018-02-15 15:03 . 2018-01-19 14:05 604672 ----a-w- c:\windows\system32\devinv.dll
2018-02-15 15:03 . 2018-01-19 14:05 450048 ----a-w- c:\windows\system32\centel.dll
2018-02-15 15:03 . 2018-01-19 14:05 378880 ----a-w- c:\windows\system32\invagent.dll
2018-02-15 15:03 . 2018-01-19 14:05 236544 ----a-w- c:\windows\system32\aepic.dll
2018-02-15 15:03 . 2018-01-19 14:05 1994752 ----a-w- c:\windows\system32\aitstatic.exe
2018-02-15 15:03 . 2018-01-19 14:05 1569280 ----a-w- c:\windows\system32\appraiser.dll
2018-02-15 15:03 . 2018-01-19 14:05 262144 ----a-w- c:\windows\system32\acmigration.dll
2018-02-15 15:03 . 2018-01-21 23:50 136424 ----a-w- c:\windows\system32\CompatTelRunner.exe
2018-02-09 16:42 . 2018-02-09 16:42 -------- d-----w- c:\program files\Motorola
2018-02-09 16:42 . 2018-02-09 16:42 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2018-02-09 16:41 . 2018-02-09 16:41 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2018-02-09 14:14 . 2018-02-09 14:14 -------- d-----w- c:\users\Martin\AppData\Roaming\HD Tune Pro
2018-02-09 14:14 . 2018-02-10 12:28 -------- d-----w- c:\program files (x86)\HD Tune Pro
2018-02-08 20:10 . 2018-02-08 20:10 51024 ----a-w- c:\windows\system32\DbxSvc.exe
2018-02-08 20:10 . 2018-02-08 20:10 45672 ----a-w- c:\windows\system32\drivers\dbx-dev.sys
2018-02-08 20:10 . 2018-02-08 20:10 45640 ----a-w- c:\windows\system32\drivers\dbx-stable.sys
2018-02-08 20:10 . 2018-02-08 20:10 45640 ----a-w- c:\windows\system32\drivers\dbx-canary.sys
2018-02-07 10:58 . 2018-02-07 10:58 -------- d-----w- c:\program files\CCleaner
2018-02-02 11:53 . 2011-01-31 10:04 174168 ----a-w- c:\windows\system32\drivers\jmcr.sys
2018-02-02 11:34 . 2018-02-02 11:37 -------- d-----w- c:\program files\IDT
2018-02-02 11:26 . 2018-02-02 11:26 -------- d-----w- C:\Intel
2018-02-02 11:16 . 2018-02-02 11:15 582144 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\DAO\DAO350.DLL
2018-02-02 11:16 . 2018-02-02 11:15 368912 ----a-w- c:\windows\SysWow64\VBAR332.DLL
2018-02-02 11:16 . 2018-02-02 11:15 252176 ----a-w- c:\windows\SysWow64\MSRD2X35.DLL
2018-02-02 11:16 . 2018-02-02 11:15 24848 ----a-w- c:\windows\SysWow64\MSJTER35.DLL
2018-02-02 11:16 . 2018-02-02 11:15 123664 ----a-w- c:\windows\SysWow64\MSJINT35.DLL
2018-02-02 11:16 . 2018-02-02 11:15 1045776 ----a-w- c:\windows\SysWow64\MSJET35.DLL
2018-02-02 11:05 . 2018-02-02 11:05 -------- d-----w- c:\windows\HP
2018-02-01 09:12 . 2018-02-01 09:12 -------- d-----w- c:\programdata\Doctor Web
2018-02-01 09:12 . 2018-02-01 11:27 -------- d-----w- c:\users\Martin\Doctor Web
2018-01-26 12:31 . 2018-02-12 09:43 -------- d-----w- c:\program files (x86)\Dropbox
2018-01-23 08:34 . 2017-12-05 17:36 218112 ----a-w- c:\windows\system32\WinSCard.dll
2018-01-23 08:34 . 2017-12-05 17:36 1484288 ----a-w- c:\windows\system32\crypt32.dll
2018-01-23 08:34 . 2017-12-05 17:08 1176576 ----a-w- c:\windows\SysWow64\crypt32.dll
2018-01-23 08:34 . 2017-12-05 16:04 404992 ----a-w- c:\windows\system32\wisptis.exe
2018-01-23 08:34 . 2017-12-05 17:08 135168 ----a-w- c:\windows\SysWow64\WinSCard.dll
2018-01-23 08:34 . 2017-12-05 17:36 229376 ----a-w- c:\windows\system32\wintrust.dll
2018-01-23 08:34 . 2017-12-05 17:36 92160 ----a-w- c:\windows\system32\TabSvc.dll
2018-01-23 08:34 . 2017-12-05 17:36 190976 ----a-w- c:\windows\system32\cryptsvc.dll
2018-01-23 08:34 . 2017-12-05 17:36 141824 ----a-w- c:\windows\system32\cryptnet.dll
2018-01-23 08:34 . 2017-12-05 17:08 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2018-01-23 08:34 . 2017-12-05 17:08 145920 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2018-01-23 08:34 . 2017-12-05 17:08 106496 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-02-15 15:36 . 2017-10-16 09:04 130067560 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2018-02-15 15:35 . 2012-04-23 06:35 130067560 -c--a-w- c:\windows\system32\MRT.exe
2018-02-07 11:51 . 2012-04-19 18:29 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2018-02-07 11:51 . 2012-04-19 18:29 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2018-01-18 09:10 . 2014-12-10 16:14 97344 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2018-01-12 16:40 . 2018-02-15 15:17 345600 ----a-w- c:\windows\system32\schannel.dll
2018-01-12 16:40 . 2018-02-15 15:17 190464 ----a-w- c:\windows\system32\rpchttp.dll
2018-01-12 16:26 . 2018-02-15 15:17 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2018-01-12 16:26 . 2018-02-15 15:17 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2018-01-12 16:26 . 2018-02-15 15:17 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2018-01-01 16:12 . 2018-01-16 16:10 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2018-01-01 02:21 . 2018-01-16 16:11 1680616 ----a-w- c:\windows\system32\drivers\ntfs.sys
2018-01-01 02:21 . 2018-01-16 16:11 288488 ----a-w- c:\windows\system32\drivers\fltMgr.sys
2018-01-01 02:21 . 2018-01-16 16:10 948968 ----a-w- c:\windows\system32\drivers\ndis.sys
2018-01-01 02:21 . 2018-01-16 16:10 213736 ----a-w- c:\windows\system32\drivers\rdyboost.sys
2018-01-01 02:21 . 2018-01-16 16:10 114408 ----a-w- c:\windows\system32\consent.exe
2018-01-01 02:18 . 2018-01-16 16:10 16896 ----a-w- c:\windows\system32\wshqos.dll
2018-01-01 02:18 . 2018-01-16 16:10 13312 ----a-w- c:\windows\system32\wshnetbs.dll
2018-01-01 02:18 . 2018-01-16 16:11 1741312 ----a-w- c:\windows\system32\sysmain.dll
2018-01-01 02:18 . 2018-01-16 16:10 473600 ----a-w- c:\windows\system32\taskcomp.dll
2018-01-01 02:18 . 2018-01-16 16:10 444928 ----a-w- c:\windows\system32\winhttp.dll
2018-01-01 02:18 . 2018-01-16 16:10 366592 ----a-w- c:\windows\system32\wcncsvc.dll
2018-01-01 02:18 . 2018-01-16 16:10 120320 ----a-w- c:\windows\system32\WcnApi.dll
2018-01-01 02:18 . 2018-01-16 16:10 39424 ----a-w- c:\windows\system32\traffic.dll
2018-01-01 02:18 . 2018-01-16 16:10 24576 ----a-w- c:\windows\system32\WcnEapPeerProxy.dll
2018-01-01 02:18 . 2018-01-16 16:10 24064 ----a-w- c:\windows\system32\WcnEapAuthProxy.dll
2018-01-01 02:18 . 2018-01-16 16:10 22528 ----a-w- c:\windows\system32\wfapigp.dll
2018-01-01 02:18 . 2018-01-16 16:11 14183936 ----a-w- c:\windows\system32\shell32.dll
2018-01-01 02:18 . 2018-01-16 16:11 1110528 ----a-w- c:\windows\system32\schedsvc.dll
2018-01-01 02:18 . 2018-01-16 16:10 512000 ----a-w- c:\windows\system32\rpcss.dll
2018-01-01 02:18 . 2018-01-16 16:10 95744 ----a-w- c:\windows\system32\rascfg.dll
2018-01-01 02:18 . 2018-01-16 16:10 76288 ----a-w- c:\windows\system32\rasdiag.dll
2018-01-01 02:18 . 2018-01-16 16:10 41472 ----a-w- c:\windows\system32\rasmxs.dll
2018-01-01 02:18 . 2018-01-16 16:10 29696 ----a-w- c:\windows\system32\rasser.dll
2018-01-01 02:18 . 2018-01-16 16:11 2066432 ----a-w- c:\windows\system32\ole32.dll
2018-01-01 02:18 . 2018-01-16 16:10 439296 ----a-w- c:\windows\system32\p2psvc.dll
2018-01-01 02:18 . 2018-01-16 16:10 842752 ----a-w- c:\windows\system32\nshwfp.dll
2018-01-01 02:18 . 2018-01-16 16:10 327168 ----a-w- c:\windows\system32\pnrpsvc.dll
2018-01-01 02:18 . 2018-01-16 16:10 264704 ----a-w- c:\windows\system32\P2P.dll
2018-01-01 02:18 . 2018-01-16 16:10 26112 ----a-w- c:\windows\system32\oleres.dll
2018-01-01 02:18 . 2018-01-16 16:11 2004480 ----a-w- c:\windows\system32\msxml6.dll
2018-01-01 02:18 . 2018-01-16 16:10 303104 ----a-w- c:\windows\system32\nlasvc.dll
2018-01-01 02:18 . 2018-01-16 16:10 70656 ----a-w- c:\windows\system32\nlaapi.dll
2018-01-01 02:18 . 2018-01-16 16:10 223232 ----a-w- c:\windows\system32\ncsi.dll
2018-01-01 02:18 . 2018-01-16 16:10 60928 ----a-w- c:\windows\system32\ndptsp.tsp
2018-01-01 02:18 . 2018-01-16 16:10 2048 ----a-w- c:\windows\system32\msxml6r.dll
2018-01-01 02:18 . 2018-01-16 16:10 828928 ----a-w- c:\windows\system32\MPSSVC.dll
2018-01-01 02:18 . 2018-01-16 16:10 47104 ----a-w- c:\windows\system32\kmddsp.tsp
2018-01-01 02:18 . 2018-01-16 16:10 977408 ----a-w- c:\windows\system32\inetcomm.dll
2018-01-01 02:18 . 2018-01-16 16:10 863232 ----a-w- c:\windows\system32\IKEEXT.DLL
2018-01-01 02:18 . 2018-01-16 16:10 108544 ----a-w- c:\windows\system32\icfupgd.dll
2018-01-01 02:18 . 2018-01-16 16:10 84480 ----a-w- c:\windows\system32\INETRES.dll
2018-01-01 02:18 . 2018-01-16 16:11 1867776 ----a-w- c:\windows\system32\ExplorerFrame.dll
2018-01-01 02:18 . 2018-01-16 16:10 749568 ----a-w- c:\windows\system32\FirewallAPI.dll
2018-01-01 02:18 . 2018-01-16 16:10 101376 ----a-w- c:\windows\system32\fdWCN.dll
2018-01-01 02:18 . 2018-01-16 16:10 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2018-01-01 02:18 . 2018-01-16 16:10 8704 ----a-w- c:\windows\system32\comcat.dll
2018-01-01 02:18 . 2018-01-16 16:10 1942016 ----a-w- c:\windows\system32\authui.dll
2018-01-01 02:18 . 2018-01-16 16:10 705024 ----a-w- c:\windows\system32\BFE.DLL
2018-01-01 02:18 . 2018-01-16 16:10 961024 ----a-w- c:\windows\system32\actxprxy.dll
2018-01-01 02:18 . 2018-01-16 16:10 70144 ----a-w- c:\windows\system32\appinfo.dll
2018-01-01 02:04 . 2018-01-16 16:10 559616 ----a-w- c:\windows\system32\spoolsv.exe
2018-01-01 02:00 . 2018-01-16 16:10 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2018-01-01 02:00 . 2018-01-16 16:10 351744 ----a-w- c:\windows\SysWow64\winhttp.dll
2018-01-01 02:00 . 2018-01-16 16:10 304640 ----a-w- c:\windows\SysWow64\taskcomp.dll
2018-01-01 02:00 . 2018-01-16 16:10 33280 ----a-w- c:\windows\SysWow64\traffic.dll
2018-01-01 02:00 . 2018-01-16 16:10 81408 ----a-w- c:\windows\SysWow64\rascfg.dll
2018-01-01 02:00 . 2018-01-16 16:10 61952 ----a-w- c:\windows\SysWow64\rasdiag.dll
2018-01-01 02:00 . 2018-01-16 16:10 1417728 ----a-w- c:\windows\SysWow64\ole32.dll
2018-01-01 02:00 . 2018-01-16 16:10 666624 ----a-w- c:\windows\SysWow64\nshwfp.dll
2018-01-01 02:00 . 2018-01-16 16:10 217600 ----a-w- c:\windows\SysWow64\P2P.dll
2018-01-01 02:00 . 2018-01-16 16:10 26112 ----a-w- c:\windows\SysWow64\oleres.dll
2018-01-01 02:00 . 2018-01-16 16:10 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2018-01-01 02:00 . 2018-01-16 16:10 50688 ----a-w- c:\windows\SysWow64\ndptsp.tsp
2018-01-01 02:00 . 2018-01-16 16:10 162304 ----a-w- c:\windows\SysWow64\ncsi.dll
2018-01-01 02:00 . 2018-01-16 16:10 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2018-01-01 02:00 . 2018-01-16 16:10 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2018-01-01 02:00 . 2018-01-16 16:10 741888 ----a-w- c:\windows\SysWow64\inetcomm.dll
2018-01-01 02:00 . 2018-01-16 16:10 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2018-01-01 02:00 . 2018-01-16 16:10 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2018-01-01 02:00 . 2018-01-16 16:10 463360 ----a-w- c:\windows\SysWow64\FirewallAPI.dll
2018-01-01 02:00 . 2018-01-16 16:10 1499648 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2018-01-01 02:00 . 2018-01-16 16:10 81920 ----a-w- c:\windows\SysWow64\fdWCN.dll
2018-01-01 01:59 . 2018-01-16 16:10 1806848 ----a-w- c:\windows\SysWow64\authui.dll
2018-01-01 01:59 . 2018-01-16 16:10 309760 ----a-w- c:\windows\SysWow64\actxprxy.dll
2018-01-01 01:55 . 2018-01-16 16:10 88576 ----a-w- c:\windows\system32\drivers\wanarp.sys
2018-01-01 01:55 . 2018-01-16 16:10 58368 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2018-01-01 01:55 . 2018-01-16 16:10 24064 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2018-01-01 01:55 . 2018-01-16 16:10 131584 ----a-w- c:\windows\system32\drivers\pacer.sys
2018-01-01 01:55 . 2018-01-16 16:10 45056 ----a-w- c:\windows\system32\drivers\netbios.sys
2018-01-01 01:54 . 2018-01-16 16:10 77312 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2018-01-01 01:50 . 2018-01-16 16:11 455680 ----a-w- c:\windows\system32\winlogon.exe
2018-01-01 01:43 . 2018-01-16 16:10 38912 ----a-w- c:\windows\SysWow64\kmddsp.tsp
2018-01-01 01:43 . 2018-01-16 16:10 33280 ----a-w- c:\windows\SysWow64\rasmxs.dll
2018-01-01 01:43 . 2018-01-16 16:10 22528 ----a-w- c:\windows\SysWow64\rasser.dll
2018-01-01 01:43 . 2018-01-16 16:10 13824 ----a-w- c:\windows\SysWow64\wshqos.dll
2018-01-01 01:43 . 2018-01-16 16:10 86528 ----a-w- c:\windows\SysWow64\WcnApi.dll
2018-01-01 01:43 . 2018-01-16 16:10 19968 ----a-w- c:\windows\SysWow64\WcnEapAuthProxy.dll
2018-01-01 01:43 . 2018-01-16 16:10 20480 ----a-w- c:\windows\SysWow64\WcnEapPeerProxy.dll
2018-01-01 01:43 . 2018-01-16 16:10 18944 ----a-w- c:\windows\SysWow64\wfapigp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2018-01-09 10257872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avp"="c:\program files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe" [2013-11-27 741360]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-14 343168]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2017-12-19 587288]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2018-02-08 3567936]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Dropbox Update Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe;c:\program files (x86)\Xobni\XobniService.exe [x]
R3 btmaudio;Motorola Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 BTMNET;Motorola Bluetooth Network Adapter Service;c:\windows\system32\DRIVERS\btmnet.sys;c:\windows\SYSNATIVE\DRIVERS\btmnet.sys [x]
R3 cpuz134;cpuz134;c:\users\Martin\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Martin\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dbupdatem;Dropbox Update Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 HPEWSFXBULK;HPEWSFXBULK;c:\windows\system32\drivers\hpfx64bulk.sys;c:\windows\SYSNATIVE\drivers\hpfx64bulk.sys [x]
R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys;c:\windows\SYSNATIVE\drivers\hpfx64fax.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae64.sys;c:\windows\SYSNATIVE\drivers\mbae64.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys;c:\windows\SYSNATIVE\DRIVERS\kl2.sys [x]
S1 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys;c:\windows\SYSNATIVE\DRIVERS\klfltdev.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 MBAMFarflt;MBAMFarflt;c:\windows\system32\DRIVERS\farflt.sys;c:\windows\SYSNATIVE\DRIVERS\farflt.sys [x]
S3 MBAMProtection;MBAMProtection;c:\windows\system32\DRIVERS\mbam.sys;c:\windows\SYSNATIVE\DRIVERS\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys;c:\windows\SYSNATIVE\Drivers\mbamswissarmy.sys [x]
S3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\DRIVERS\mwac.sys;c:\windows\SYSNATIVE\DRIVERS\mwac.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RtkBtFilter;Realtek Bluetooth Filter Driver;c:\windows\system32\DRIVERS\RtkBtfilter.sys;c:\windows\SYSNATIVE\DRIVERS\RtkBtfilter.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ESPROTECTIONDRIVER
*NewlyCreated* - MBAMCHAMELEON
*NewlyCreated* - MBAMFARFLT
*NewlyCreated* - MBAMPROTECTION
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBPROTECTION
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2017-08-10 15:24 324080 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2018-02-18 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-01-26 12:29]
.
2018-02-18 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-01-26 12:29]
.
2018-01-23 c:\windows\Tasks\HPCeeScheduleForMARTIN-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2018-02-16 c:\windows\Tasks\HPCeeScheduleForMartin.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\hewlett-packard\hp hotkey support\qlbcontroller.exe" [2011-01-28 299576]
"HPConnectionManager"="c:\program files (x86)\hewlett-packard\hp connection manager\hpcmdelaystart.exe" [2011-04-05 94264]
"HP Software Update"="c:\program files (x86)\hp\hp software update\hpwuschd2.exe" [2013-05-30 96056]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrobat_sl.exe" [2010-11-15 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrotray.exe" [2010-11-15 821144]
"HPUsageTracking"="c:\program files (x86)\hp\hp ut\bin\hppusg.exe" [2009-05-11 24576]
"IAStorIcon"="c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe" [2011-01-26 283160]
"MFNetworkScannerSelector"="c:\program files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE" [2015-01-22 425512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-01 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-01 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-01 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2017-08-09 15775888]
.
------- Doplňkový sken -------
.
uStart Page = https://www.google.cz/
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
Trusted Zone: dropbox.com\www
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0hc948pb.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-2667363314-4001841983-3866546278-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML-308046B0AF4A39CB"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-2667363314-4001841983-3866546278-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML-308046B0AF4A39CB"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-2667363314-4001841983-3866546278-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML-308046B0AF4A39CB"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-2667363314-4001841983-3866546278-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML-308046B0AF4A39CB"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-2667363314-4001841983-3866546278-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML-308046B0AF4A39CB"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_28_0_0_161_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_28_0_0_161_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_28_0_0_161_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_28_0_0_161_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_161.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.28"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_161.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_161.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_161.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
"Key"="ActionsPane3"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Malwarebytes\Anti-Malware\mbamtray.exe
.
**************************************************************************
.
Celkový čas: 2018-02-18 11:51:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2018-02-18 10:51
.
Před spuštěním: Volných bajtů: 78 076 665 856
Po spuštění: Volných bajtů: 77 543 284 736
.
- - End Of File - - 130FD9636FE7A3734F0ED1586F631488
A36C5E4F47E84449FF07ED3517B43A31


Re: Please check

Post by jaro3 » 18 Feb 2018 13:34

Disable the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:

Code:

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-2667363314-4001841983-3866546278-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML-308046B0AF4A39CB"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-2667363314-4001841983-3866546278-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML-308046B0AF4A39CB"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-2667363314-4001841983-3866546278-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML-308046B0AF4A39CB"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-2667363314-4001841983-3866546278-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML-308046B0AF4A39CB"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-2667363314-4001841983-3866546278-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML-308046B0AF4A39CB"
.
[HKEY_USERS\S-1-5-21-2667363314-4001841983-3866546278-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_28_0_0_161_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_28_0_0_161_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_28_0_0_161_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_28_0_0_161_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_161.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.28"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_161.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_161.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_161.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
"Key"="ActionsPane3"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.


Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message about the option to download the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Re: Please check

Post by smana » 18 Feb 2018 13:45

ComboFix has disappeared on me, should I download it again?


Re: Please check

Post by jaro3 » 18 Feb 2018 16:04

How did it disappear?

Well, download it again then.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

smana
newcomer
Posts: 20
Registered: February 18
Gender: Male
Status:
Offline

Re: Requesting a check

Post by smana » 18 Feb 2018 16:55

ComboFix 18-02-16.01 - Martin 18.02.2018 16:30:02.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.2359 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: Kaspersky Endpoint Security 10 for Windows *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Endpoint Security 10 for Windows *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Endpoint Security 10 for Windows *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2018-01-18 do 2018-02-18 )))))))))))))))))))))))))))))))
.
.
2018-02-18 15:45 . 2018-02-18 15:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2018-02-18 09:13 . 2018-02-18 09:13 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2018-02-18 09:13 . 2018-02-18 09:13 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2018-02-18 09:13 . 2018-02-18 09:13 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2018-02-18 09:13 . 2018-02-18 09:13 -------- d-----w- c:\users\Martin\AppData\Local\Zemana
2018-02-17 19:03 . 2018-02-17 19:03 -------- d-----w- C:\zoek
2018-02-16 23:50 . 2018-02-16 23:50 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2018-02-16 23:48 . 2018-02-17 09:00 -------- d-----w- c:\programdata\RogueKiller
2018-02-16 19:44 . 2018-02-16 19:44 -------- d-----w- c:\programdata\Sophos
2018-02-16 19:42 . 2018-02-16 19:42 -------- d-----w- c:\program files (x86)\Sophos
2018-02-16 16:52 . 2017-11-29 08:11 77432 ----a-w- c:\windows\system32\drivers\mbae64.sys
2018-02-16 16:51 . 2018-02-16 16:51 -------- d-----w- c:\programdata\Malwarebytes
2018-02-16 16:51 . 2018-02-16 16:51 -------- d-----w- c:\program files\Malwarebytes
2018-02-16 16:42 . 2018-02-16 18:37 -------- d-----w- C:\AdwCleaner
2018-02-16 16:21 . 2011-05-27 09:06 221184 ----a-w- c:\windows\system32\HPToneCtrls64.dll
2018-02-16 16:21 . 2010-04-01 12:11 162304 ----a-w- c:\windows\system32\AESTAC64.dll
2018-02-16 16:21 . 2009-10-09 22:45 442368 ----a-w- c:\windows\system32\AESTEC64.dll
2018-02-16 16:21 . 2009-03-02 23:58 68608 ----a-w- c:\windows\system32\AESTAR64.dll
2018-02-16 16:21 . 2011-05-27 09:06 6382080 ----a-w- c:\windows\system32\IDTNGUI.exe
2018-02-16 16:21 . 2011-05-27 09:06 4933120 ----a-w- c:\windows\system32\IDTNHP.dll
2018-02-16 16:21 . 2011-05-27 09:06 212480 ----a-w- c:\windows\system32\IDTNJ.exe
2018-02-16 16:21 . 2011-05-27 09:06 1029120 ----a-w- c:\windows\system32\IDTNX.dll
2018-02-16 16:21 . 2011-05-27 09:06 4780032 ----a-w- c:\windows\system32\stlang64.dll
2018-02-16 16:21 . 2011-05-27 09:06 1523712 ----a-w- c:\windows\system32\IDTNC64.cpl
2018-02-16 16:21 . 2011-05-27 09:06 1128448 ----a-w- c:\windows\sttray64.exe
2018-02-16 16:21 . 2009-03-02 23:47 90624 ----a-w- c:\windows\system32\AESTCo64.dll
2018-02-16 14:56 . 2018-02-16 17:32 -------- d-----w- c:\windows\AutoKMS
2018-02-16 09:29 . 2018-02-16 09:31 -------- d-----w- c:\program files (x86)\SpeedFan
2018-02-15 15:17 . 2018-02-10 07:26 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2018-02-15 15:03 . 2018-01-21 23:40 654336 ----a-w- c:\windows\system32\aeinv.dll
2018-02-15 15:03 . 2018-01-19 14:05 749568 ----a-w- c:\windows\system32\generaltel.dll
2018-02-15 15:03 . 2018-01-19 14:05 604672 ----a-w- c:\windows\system32\devinv.dll
2018-02-15 15:03 . 2018-01-19 14:05 450048 ----a-w- c:\windows\system32\centel.dll
2018-02-15 15:03 . 2018-01-19 14:05 378880 ----a-w- c:\windows\system32\invagent.dll
2018-02-15 15:03 . 2018-01-19 14:05 236544 ----a-w- c:\windows\system32\aepic.dll
2018-02-15 15:03 . 2018-01-19 14:05 1994752 ----a-w- c:\windows\system32\aitstatic.exe
2018-02-15 15:03 . 2018-01-19 14:05 1569280 ----a-w- c:\windows\system32\appraiser.dll
2018-02-15 15:03 . 2018-01-19 14:05 262144 ----a-w- c:\windows\system32\acmigration.dll
2018-02-15 15:03 . 2018-01-21 23:50 136424 ----a-w- c:\windows\system32\CompatTelRunner.exe
2018-02-09 16:42 . 2018-02-09 16:42 -------- d-----w- c:\program files\Motorola
2018-02-09 16:42 . 2018-02-09 16:42 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2018-02-09 16:41 . 2018-02-09 16:41 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2018-02-09 14:14 . 2018-02-09 14:14 -------- d-----w- c:\users\Martin\AppData\Roaming\HD Tune Pro
2018-02-09 14:14 . 2018-02-10 12:28 -------- d-----w- c:\program files (x86)\HD Tune Pro
2018-02-08 20:10 . 2018-02-08 20:10 51024 ----a-w- c:\windows\system32\DbxSvc.exe
2018-02-08 20:10 . 2018-02-08 20:10 45672 ----a-w- c:\windows\system32\drivers\dbx-dev.sys
2018-02-08 20:10 . 2018-02-08 20:10 45640 ----a-w- c:\windows\system32\drivers\dbx-stable.sys
2018-02-08 20:10 . 2018-02-08 20:10 45640 ----a-w- c:\windows\system32\drivers\dbx-canary.sys
2018-02-07 10:58 . 2018-02-07 10:58 -------- d-----w- c:\program files\CCleaner
2018-02-02 11:53 . 2011-01-31 10:04 174168 ----a-w- c:\windows\system32\drivers\jmcr.sys
2018-02-02 11:34 . 2018-02-02 11:37 -------- d-----w- c:\program files\IDT
2018-02-02 11:26 . 2018-02-02 11:26 -------- d-----w- C:\Intel
2018-02-02 11:16 . 2018-02-02 11:15 582144 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\DAO\DAO350.DLL
2018-02-02 11:16 . 2018-02-02 11:15 368912 ----a-w- c:\windows\SysWow64\VBAR332.DLL
2018-02-02 11:16 . 2018-02-02 11:15 252176 ----a-w- c:\windows\SysWow64\MSRD2X35.DLL
2018-02-02 11:16 . 2018-02-02 11:15 24848 ----a-w- c:\windows\SysWow64\MSJTER35.DLL
2018-02-02 11:16 . 2018-02-02 11:15 123664 ----a-w- c:\windows\SysWow64\MSJINT35.DLL
2018-02-02 11:16 . 2018-02-02 11:15 1045776 ----a-w- c:\windows\SysWow64\MSJET35.DLL
2018-02-02 11:05 . 2018-02-02 11:05 -------- d-----w- c:\windows\HP
2018-02-01 09:12 . 2018-02-01 09:12 -------- d-----w- c:\programdata\Doctor Web
2018-02-01 09:12 . 2018-02-01 11:27 -------- d-----w- c:\users\Martin\Doctor Web
2018-01-26 12:31 . 2018-02-12 09:43 -------- d-----w- c:\program files (x86)\Dropbox
2018-01-23 08:34 . 2017-12-05 17:36 218112 ----a-w- c:\windows\system32\WinSCard.dll
2018-01-23 08:34 . 2017-12-05 17:36 1484288 ----a-w- c:\windows\system32\crypt32.dll
2018-01-23 08:34 . 2017-12-05 17:08 1176576 ----a-w- c:\windows\SysWow64\crypt32.dll
2018-01-23 08:34 . 2017-12-05 16:04 404992 ----a-w- c:\windows\system32\wisptis.exe
2018-01-23 08:34 . 2017-12-05 17:08 135168 ----a-w- c:\windows\SysWow64\WinSCard.dll
2018-01-23 08:34 . 2017-12-05 17:36 229376 ----a-w- c:\windows\system32\wintrust.dll
2018-01-23 08:34 . 2017-12-05 17:36 92160 ----a-w- c:\windows\system32\TabSvc.dll
2018-01-23 08:34 . 2017-12-05 17:36 190976 ----a-w- c:\windows\system32\cryptsvc.dll
2018-01-23 08:34 . 2017-12-05 17:36 141824 ----a-w- c:\windows\system32\cryptnet.dll
2018-01-23 08:34 . 2017-12-05 17:08 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2018-01-23 08:34 . 2017-12-05 17:08 145920 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2018-01-23 08:34 . 2017-12-05 17:08 106496 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-02-15 15:36 . 2017-10-16 09:04 130067560 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2018-02-15 15:35 . 2012-04-23 06:35 130067560 -c--a-w- c:\windows\system32\MRT.exe
2018-02-07 11:51 . 2012-04-19 18:29 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2018-02-07 11:51 . 2012-04-19 18:29 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2018-01-18 09:10 . 2014-12-10 16:14 97344 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2018-01-12 16:40 . 2018-02-15 15:17 345600 ----a-w- c:\windows\system32\schannel.dll
2018-01-12 16:40 . 2018-02-15 15:17 190464 ----a-w- c:\windows\system32\rpchttp.dll
2018-01-12 16:26 . 2018-02-15 15:17 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2018-01-12 16:26 . 2018-02-15 15:17 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2018-01-12 16:26 . 2018-02-15 15:17 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2018-01-01 16:12 . 2018-01-16 16:10 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2018-01-01 02:21 . 2018-01-16 16:11 1680616 ----a-w- c:\windows\system32\drivers\ntfs.sys
2018-01-01 02:21 . 2018-01-16 16:11 288488 ----a-w- c:\windows\system32\drivers\fltMgr.sys
2018-01-01 02:21 . 2018-01-16 16:10 948968 ----a-w- c:\windows\system32\drivers\ndis.sys
2018-01-01 02:21 . 2018-01-16 16:10 213736 ----a-w- c:\windows\system32\drivers\rdyboost.sys
2018-01-01 02:21 . 2018-01-16 16:10 114408 ----a-w- c:\windows\system32\consent.exe
2018-01-01 02:18 . 2018-01-16 16:10 16896 ----a-w- c:\windows\system32\wshqos.dll
2018-01-01 02:18 . 2018-01-16 16:10 13312 ----a-w- c:\windows\system32\wshnetbs.dll
2018-01-01 02:18 . 2018-01-16 16:11 1741312 ----a-w- c:\windows\system32\sysmain.dll
2018-01-01 02:18 . 2018-01-16 16:10 473600 ----a-w- c:\windows\system32\taskcomp.dll
2018-01-01 02:18 . 2018-01-16 16:10 444928 ----a-w- c:\windows\system32\winhttp.dll
2018-01-01 02:18 . 2018-01-16 16:10 366592 ----a-w- c:\windows\system32\wcncsvc.dll
2018-01-01 02:18 . 2018-01-16 16:10 120320 ----a-w- c:\windows\system32\WcnApi.dll
2018-01-01 02:18 . 2018-01-16 16:10 39424 ----a-w- c:\windows\system32\traffic.dll
2018-01-01 02:18 . 2018-01-16 16:10 24576 ----a-w- c:\windows\system32\WcnEapPeerProxy.dll
2018-01-01 02:18 . 2018-01-16 16:10 24064 ----a-w- c:\windows\system32\WcnEapAuthProxy.dll
2018-01-01 02:18 . 2018-01-16 16:10 22528 ----a-w- c:\windows\system32\wfapigp.dll
2018-01-01 02:18 . 2018-01-16 16:11 14183936 ----a-w- c:\windows\system32\shell32.dll
2018-01-01 02:18 . 2018-01-16 16:11 1110528 ----a-w- c:\windows\system32\schedsvc.dll
2018-01-01 02:18 . 2018-01-16 16:10 512000 ----a-w- c:\windows\system32\rpcss.dll
2018-01-01 02:18 . 2018-01-16 16:10 95744 ----a-w- c:\windows\system32\rascfg.dll
2018-01-01 02:18 . 2018-01-16 16:10 76288 ----a-w- c:\windows\system32\rasdiag.dll
2018-01-01 02:18 . 2018-01-16 16:10 41472 ----a-w- c:\windows\system32\rasmxs.dll
2018-01-01 02:18 . 2018-01-16 16:10 29696 ----a-w- c:\windows\system32\rasser.dll
2018-01-01 02:18 . 2018-01-16 16:11 2066432 ----a-w- c:\windows\system32\ole32.dll
2018-01-01 02:18 . 2018-01-16 16:10 439296 ----a-w- c:\windows\system32\p2psvc.dll
2018-01-01 02:18 . 2018-01-16 16:10 842752 ----a-w- c:\windows\system32\nshwfp.dll
2018-01-01 02:18 . 2018-01-16 16:10 327168 ----a-w- c:\windows\system32\pnrpsvc.dll
2018-01-01 02:18 . 2018-01-16 16:10 264704 ----a-w- c:\windows\system32\P2P.dll
2018-01-01 02:18 . 2018-01-16 16:10 26112 ----a-w- c:\windows\system32\oleres.dll
2018-01-01 02:18 . 2018-01-16 16:11 2004480 ----a-w- c:\windows\system32\msxml6.dll
2018-01-01 02:18 . 2018-01-16 16:10 303104 ----a-w- c:\windows\system32\nlasvc.dll
2018-01-01 02:18 . 2018-01-16 16:10 70656 ----a-w- c:\windows\system32\nlaapi.dll
2018-01-01 02:18 . 2018-01-16 16:10 223232 ----a-w- c:\windows\system32\ncsi.dll
2018-01-01 02:18 . 2018-01-16 16:10 60928 ----a-w- c:\windows\system32\ndptsp.tsp
2018-01-01 02:18 . 2018-01-16 16:10 2048 ----a-w- c:\windows\system32\msxml6r.dll
2018-01-01 02:18 . 2018-01-16 16:10 828928 ----a-w- c:\windows\system32\MPSSVC.dll
2018-01-01 02:18 . 2018-01-16 16:10 47104 ----a-w- c:\windows\system32\kmddsp.tsp
2018-01-01 02:18 . 2018-01-16 16:10 977408 ----a-w- c:\windows\system32\inetcomm.dll
2018-01-01 02:18 . 2018-01-16 16:10 863232 ----a-w- c:\windows\system32\IKEEXT.DLL
2018-01-01 02:18 . 2018-01-16 16:10 108544 ----a-w- c:\windows\system32\icfupgd.dll
2018-01-01 02:18 . 2018-01-16 16:10 84480 ----a-w- c:\windows\system32\INETRES.dll
2018-01-01 02:18 . 2018-01-16 16:11 1867776 ----a-w- c:\windows\system32\ExplorerFrame.dll
2018-01-01 02:18 . 2018-01-16 16:10 749568 ----a-w- c:\windows\system32\FirewallAPI.dll
2018-01-01 02:18 . 2018-01-16 16:10 101376 ----a-w- c:\windows\system32\fdWCN.dll
2018-01-01 02:18 . 2018-01-16 16:10 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2018-01-01 02:18 . 2018-01-16 16:10 8704 ----a-w- c:\windows\system32\comcat.dll
2018-01-01 02:18 . 2018-01-16 16:10 1942016 ----a-w- c:\windows\system32\authui.dll
2018-01-01 02:18 . 2018-01-16 16:10 705024 ----a-w- c:\windows\system32\BFE.DLL
2018-01-01 02:18 . 2018-01-16 16:10 961024 ----a-w- c:\windows\system32\actxprxy.dll
2018-01-01 02:18 . 2018-01-16 16:10 70144 ----a-w- c:\windows\system32\appinfo.dll
2018-01-01 02:04 . 2018-01-16 16:10 559616 ----a-w- c:\windows\system32\spoolsv.exe
2018-01-01 02:00 . 2018-01-16 16:10 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2018-01-01 02:00 . 2018-01-16 16:10 351744 ----a-w- c:\windows\SysWow64\winhttp.dll
2018-01-01 02:00 . 2018-01-16 16:10 304640 ----a-w- c:\windows\SysWow64\taskcomp.dll
2018-01-01 02:00 . 2018-01-16 16:10 33280 ----a-w- c:\windows\SysWow64\traffic.dll
2018-01-01 02:00 . 2018-01-16 16:10 81408 ----a-w- c:\windows\SysWow64\rascfg.dll
2018-01-01 02:00 . 2018-01-16 16:10 61952 ----a-w- c:\windows\SysWow64\rasdiag.dll
2018-01-01 02:00 . 2018-01-16 16:10 1417728 ----a-w- c:\windows\SysWow64\ole32.dll
2018-01-01 02:00 . 2018-01-16 16:10 666624 ----a-w- c:\windows\SysWow64\nshwfp.dll
2018-01-01 02:00 . 2018-01-16 16:10 217600 ----a-w- c:\windows\SysWow64\P2P.dll
2018-01-01 02:00 . 2018-01-16 16:10 26112 ----a-w- c:\windows\SysWow64\oleres.dll
2018-01-01 02:00 . 2018-01-16 16:10 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2018-01-01 02:00 . 2018-01-16 16:10 50688 ----a-w- c:\windows\SysWow64\ndptsp.tsp
2018-01-01 02:00 . 2018-01-16 16:10 162304 ----a-w- c:\windows\SysWow64\ncsi.dll
2018-01-01 02:00 . 2018-01-16 16:10 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2018-01-01 02:00 . 2018-01-16 16:10 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2018-01-01 02:00 . 2018-01-16 16:10 741888 ----a-w- c:\windows\SysWow64\inetcomm.dll
2018-01-01 02:00 . 2018-01-16 16:10 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2018-01-01 02:00 . 2018-01-16 16:10 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2018-01-01 02:00 . 2018-01-16 16:10 463360 ----a-w- c:\windows\SysWow64\FirewallAPI.dll
2018-01-01 02:00 . 2018-01-16 16:10 1499648 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2018-01-01 02:00 . 2018-01-16 16:10 81920 ----a-w- c:\windows\SysWow64\fdWCN.dll
2018-01-01 01:59 . 2018-01-16 16:10 1806848 ----a-w- c:\windows\SysWow64\authui.dll
2018-01-01 01:59 . 2018-01-16 16:10 309760 ----a-w- c:\windows\SysWow64\actxprxy.dll
2018-01-01 01:55 . 2018-01-16 16:10 88576 ----a-w- c:\windows\system32\drivers\wanarp.sys
2018-01-01 01:55 . 2018-01-16 16:10 58368 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2018-01-01 01:55 . 2018-01-16 16:10 24064 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2018-01-01 01:55 . 2018-01-16 16:10 131584 ----a-w- c:\windows\system32\drivers\pacer.sys
2018-01-01 01:55 . 2018-01-16 16:10 45056 ----a-w- c:\windows\system32\drivers\netbios.sys
2018-01-01 01:54 . 2018-01-16 16:10 77312 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2018-01-01 01:50 . 2018-01-16 16:11 455680 ----a-w- c:\windows\system32\winlogon.exe
2018-01-01 01:43 . 2018-01-16 16:10 38912 ----a-w- c:\windows\SysWow64\kmddsp.tsp
2018-01-01 01:43 . 2018-01-16 16:10 33280 ----a-w- c:\windows\SysWow64\rasmxs.dll
2018-01-01 01:43 . 2018-01-16 16:10 22528 ----a-w- c:\windows\SysWow64\rasser.dll
2018-01-01 01:43 . 2018-01-16 16:10 13824 ----a-w- c:\windows\SysWow64\wshqos.dll
2018-01-01 01:43 . 2018-01-16 16:10 86528 ----a-w- c:\windows\SysWow64\WcnApi.dll
2018-01-01 01:43 . 2018-01-16 16:10 19968 ----a-w- c:\windows\SysWow64\WcnEapAuthProxy.dll
2018-01-01 01:43 . 2018-01-16 16:10 20480 ----a-w- c:\windows\SysWow64\WcnEapPeerProxy.dll
2018-01-01 01:43 . 2018-01-16 16:10 18944 ----a-w- c:\windows\SysWow64\wfapigp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 289104 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2018-01-09 10257872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avp"="c:\program files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe" [2013-11-27 741360]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-14 343168]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2017-12-19 587288]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2018-02-08 3567936]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Dropbox Update Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [x]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe;c:\program files (x86)\Xobni\XobniService.exe [x]
R3 btmaudio;Motorola Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 BTMNET;Motorola Bluetooth Network Adapter Service;c:\windows\system32\DRIVERS\btmnet.sys;c:\windows\SYSNATIVE\DRIVERS\btmnet.sys [x]
R3 cpuz134;cpuz134;c:\users\Martin\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Martin\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dbupdatem;Dropbox Update Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 HPEWSFXBULK;HPEWSFXBULK;c:\windows\system32\drivers\hpfx64bulk.sys;c:\windows\SYSNATIVE\drivers\hpfx64bulk.sys [x]
R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys;c:\windows\SYSNATIVE\drivers\hpfx64fax.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys;c:\windows\SYSNATIVE\DRIVERS\kl2.sys [x]
S1 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys;c:\windows\SYSNATIVE\DRIVERS\klfltdev.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RtkBtFilter;Realtek Bluetooth Filter Driver;c:\windows\system32\DRIVERS\RtkBtfilter.sys;c:\windows\SYSNATIVE\DRIVERS\RtkBtfilter.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - ESProtectionDriver
*Deregistered* - MBAMFarflt
*Deregistered* - MBAMProtection
*Deregistered* - MBAMSwissArmy
*Deregistered* - MBAMWebProtection
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2017-08-10 15:24 324080 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2018-02-18 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-01-26 12:29]
.
2018-02-18 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-01-26 12:29]
.
2018-01-23 c:\windows\Tasks\HPCeeScheduleForMARTIN-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2018-02-16 c:\windows\Tasks\HPCeeScheduleForMartin.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-02-08 19:59 337232 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\hewlett-packard\hp hotkey support\qlbcontroller.exe" [2011-01-28 299576]
"HPConnectionManager"="c:\program files (x86)\hewlett-packard\hp connection manager\hpcmdelaystart.exe" [2011-04-05 94264]
"HP Software Update"="c:\program files (x86)\hp\hp software update\hpwuschd2.exe" [2013-05-30 96056]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrobat_sl.exe" [2010-11-15 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrotray.exe" [2010-11-15 821144]
"HPUsageTracking"="c:\program files (x86)\hp\hp ut\bin\hppusg.exe" [2009-05-11 24576]
"IAStorIcon"="c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe" [2011-01-26 283160]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"MFNetworkScannerSelector"="c:\program files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE" [2015-01-22 425512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-01 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-01 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-01 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2017-08-09 15775888]
.
------- Doplňkový sken -------
.
uStart Page = https://www.google.cz/
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
Trusted Zone: dropbox.com\www
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0hc948pb.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_28_0_0_161_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_28_0_0_161_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2018-02-18 16:50:22
ComboFix-quarantined-files.txt 2018-02-18 15:50
ComboFix2.txt 2018-02-18 10:51
.
Před spuštěním: Volných bajtů: 77 298 196 480
Po spuštění: Volných bajtů: 77 187 055 616
.
- - End Of File - - 6B67E22A49081F428CC4D1E0FE958AEA
A36C5E4F47E84449FF07ED3517B43A31

smana

Re: Please check

Post by smana » 18 Feb 2018 17:11

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2018-02-18 17:06:04
-----------------------------
17:06:04.842 OS Version: Windows x64 6.1.7601 Service Pack 1
17:06:04.842 Number of processors: 2 586 0x2A07
17:06:04.842 ComputerName: MARTIN-HP UserName: Martin
17:06:07.837 Initialize success
17:06:07.884 VM: initialized successfully
17:06:07.884 VM: Intel CPU virtualization not supported
17:06:32.745 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:06:32.760 Disk 0 Vendor: ST9500325AS 0005HPM1 Size: 476940MB BusType: 11
17:06:32.979 Disk 0 MBR read successfully
17:06:32.979 Disk 0 MBR scan
17:06:32.979 Disk 0 Windows 7 default MBR code
17:06:32.994 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
17:06:32.994 Disk 0 default boot code
17:06:33.010 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 455337 MB offset 616448
17:06:33.041 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16179 MB offset 933146624
17:06:33.057 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 5115 MB offset 966281216
17:06:33.244 Disk 0 scanning C:\windows\system32\drivers
17:06:47.643 Service scanning
17:06:59.733 Service KL1 C:\windows\system32\DRIVERS\kl1.sys **LOCKED** 5
17:06:59.764 Service kl2 C:\windows\system32\DRIVERS\kl2.sys **LOCKED** 5
17:06:59.795 Service KLFLTDEV C:\windows\system32\DRIVERS\klfltdev.sys **LOCKED** 5
17:06:59.904 Service KLIM6 C:\windows\system32\DRIVERS\klim6.sys **LOCKED** 5
17:06:59.936 Service kltdi C:\windows\system32\DRIVERS\kltdi.sys **LOCKED** 5
17:06:59.967 Service kneps C:\windows\system32\DRIVERS\kneps.sys **LOCKED** 5
17:07:17.423 Modules scanning
17:07:17.423 Disk 0 trace - called modules:
17:07:17.486 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:07:17.501 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80050aa060]
17:07:17.501 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80050a9430]
17:07:17.501 5 hpdskflt.sys[fffff88001fa7189] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004f57060]
17:07:17.517 Disk 0 statistics 104967/0/0 @ 3,72 MB/s
17:07:17.517 Scan finished successfully
17:10:52.594 Disk 0 MBR has been saved successfully to "C:\Users\Martin\Desktop\MBR.dat"
17:10:52.594 The log file has been saved successfully to "C:\Users\Martin\Desktop\aswMBR.txt"

smana

Re: Please check

Post by smana » 18 Feb 2018 17:14

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:13:35, on 18.2.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18921)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\windows\SysWOW64\DllHost.exe
C:\Users\Martin\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [avp] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Služba Kaspersky Endpoint Security (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 13520 bytes

jaro3

Re: Please check

Post by jaro3 » 18 Feb 2018 19:50

Close all other applications and browsers, disconnect from the internet, and fix these entries in HJT:
Guide

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O9 - Extra button: (no name) - AutorunsDisabled - (no file)


Uninstall ComboFix like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it, then click Clean up!.
Restart the PC if you are prompted to.

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to run Delfix.exe.
(On Windows Vista, Windows 7 and 8 you must right-click the file -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore.
Then click Run and let the tool do its work.

The report (DelFix.txt) will then open. Paste its entire contents here. The report is also saved at:
C:\DelFix.txt
Further links:
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

How are the problems?

smana

Re: Please check

Post by smana » 18 Feb 2018 21:34

# DelFix v1.013 - Logfile created 18/02/2018 at 21:28:42
# Updated 17/04/2016 by Xplode
# Username : Martin - MARTIN-HP
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\32788R22FWJFW
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2018-02-17-090623.log
Deleted : C:\Users\Martin\Desktop\AdwCleaner.exe
Deleted : C:\Users\Martin\Desktop\JRT.exe
Deleted : C:\Users\Martin\Desktop\JRT.txt
Deleted : C:\Users\Martin\Desktop\MBR.dat
Deleted : C:\Users\Martin\Desktop\RogueKiller_portable64.exe
Deleted : C:\Users\Martin\Desktop\zoek.exe
Deleted : C:\Users\Martin\Downloads\HijackThis.exe
Deleted : C:\Users\Martin\Downloads\hijackthis.log
Deleted : C:\Users\Martin\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #575 [ComboFix created restore point | 02/18/2018 20:01:54]

New restore point created !

########## - EOF - ##########

smana

Re: Please check

Post by smana » 18 Feb 2018 21:46

Probably a touch better; now and then it still freezes for a moment. I'll see during the week at work. Many thanks for now.

Can I uninstall all the programs I downloaded, or not?

jaro3

Re: Please check

Post by jaro3 » 18 Feb 2018 21:52

You can uninstall Sophos and Zemana.

Let me know afterwards how it goes.

